package com.example.controller;

import com.example.entity.User;
import com.example.service.UserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.servlet.mvc.support.RedirectAttributes;

import javax.servlet.http.HttpSession;

@Controller
@RequestMapping("/profile")
public class ProfileController {


    @Autowired
    private UserService userService;

    @GetMapping
    public String profile(HttpSession session, Model model) {
        System.out.println("[DEBUG] 进入 /profile 请求处理");

        // 检查 session 中的用户
        User currentUser = (User) session.getAttribute("user");
        System.out.println("[DEBUG] Session 中的用户: " + currentUser);

        if (currentUser == null) {
            System.out.println("[WARN] 用户未登录，跳转到 /login");
            return "redirect:/login";
        }

        // 从数据库获取最新信息
        System.out.println("[DEBUG] 查询数据库，用户ID: " + currentUser.getUserid());
        User user = userService.getUserById(currentUser.getUserid());
        System.out.println("[DEBUG] 数据库返回的用户信息: " + user);

        if (user == null) {
            System.out.println("[ERROR] 数据库未找到用户，ID: " + currentUser.getUserid());
            return "redirect:/login";
        }

        model.addAttribute("user", user);
        System.out.println("[DEBUG] 准备渲染 profile.jsp");
        return "profile"; // 对应 profile.jsp
    }

    @GetMapping("/change-password")
    public String showChangePasswordForm(HttpSession session) {
        System.out.println("[DEBUG] 进入 /profile/change-password GET 请求");

        User currentUser = (User) session.getAttribute("user");
        System.out.println("[DEBUG] Session 中的用户: " + currentUser);

        if (currentUser == null) {
            System.out.println("[WARN] 用户未登录，跳转到 /login");
            return "redirect:/login";
        }

        System.out.println("[DEBUG] 准备渲染 change-password.jsp");
        return "change-password"; // 对应 change-password.jsp
    }

    @PostMapping("/change-password")
    public String changePassword(
            @RequestParam String currentPassword,
            @RequestParam String newPassword,
            @RequestParam String confirmPassword,
            HttpSession session,
            RedirectAttributes redirectAttributes) {

        System.out.println("[DEBUG] 进入 /profile/change-password POST 请求");
        System.out.println("[DEBUG] 当前密码: " + currentPassword);
        System.out.println("[DEBUG] 新密码: " + newPassword);
        System.out.println("[DEBUG] 确认密码: " + confirmPassword);

        User currentUser = (User) session.getAttribute("user");
        System.out.println("[DEBUG] Session 中的用户: " + currentUser);

        if (currentUser == null) {
            System.out.println("[WARN] 用户未登录，跳转到 /login");
            return "redirect:/login";
        }

        // 验证当前密码（明文比对，不推荐生产环境）
        if (!currentPassword.equals(currentUser.getPassword())) {
            System.out.println("[WARN] 当前密码不正确");
            redirectAttributes.addFlashAttribute("error", "当前密码不正确");
            return "redirect:/profile/change-password";
        }

        // 验证新密码
        if (!newPassword.equals(confirmPassword)) {
            System.out.println("[WARN] 新密码与确认密码不一致");
            redirectAttributes.addFlashAttribute("error", "新密码与确认密码不一致");
            return "redirect:/profile/change-password";
        }

        // 更新密码（明文存储，不推荐生产环境）
        currentUser.setPassword(newPassword);
        System.out.println("[DEBUG] 更新用户密码，新密码: " + newPassword);
        userService.updateUser(currentUser);

        System.out.println("[DEBUG] 密码修改成功，跳转到 /profile");
        redirectAttributes.addFlashAttribute("success", "密码修改成功");
        return "redirect:/profile";
    }
}